top of page
11.3.4.1 PCI DSS (v3.2.1)
Compliance Standard
Compliance Version
Control ID
PCI DSS
(v3.2.1)
11.3.4.1
Requirement 11: Regularly test security systems and processes
(v3.2.1)
Additional requirement for service providers only: If segmentation is used, confirm PCI DSS scope by performing penetration testing on segmentation controls at least every six months and after any changes to segmentation controls/methods.
bottom of page